Rowan

Oh I wasn't being sarcastic when I said it was king shit I'm all for this

I don't have a horse in the baseball fight but listening to the game on the free radio broadcast rules

Truly the "I told you so" of all time

Gotta say this is king shit from the libxml2 folks who know perfectly well it's used in all kinds of external facing mission critical places

It's fun! But probably only good if you hate nuance or dislike Frankenstein by Mary Shelley

Spent the entire new Frankenstein movie scared the monster was going to come out of the screen and start beating me over the head with the moral of the story

Fair point I think that specific CVE is relatively hard until you add autodict which is actually a great example for my use case

Yeah agreed I just mostly want a good set of known bugs in the sample set so there's a sense of accomplishment instead of just "cool more coverage this way! You'll probably never find a bug though"

Fuzzer shallow e.g. CVE-2023-50268

Luckily there are some really really shallow bugs out there, it's just taking a couple hours to find em

I know unifuzz and fuzz bench exist but they don't quite serve my purpose, I need more bugs because the benchmark is for a fuzzer that starts off quite bad with no feedback and I need serotonin for users

Is the best way to make a bug based fuzzing benchmark really just to go through CVEs and find every issue in the tracker and hope there's a POC 😭

Talk Tomorrow: "Scalable Static Analysis and High-Performance Logic Programming" (github.com/kmicinski/mi...)

me (recently into bouldering):
CI:
me:
CI: ...
me: nice, come on
CI: ...
me: yeah, come on...
CI: ...
me:
CI: ...
me: COME ON!!
CI: ...
CI: ❌
me: ah! good attempt!!

Must-read for fuzzing folks (read: tooling/algorithms/academia) by Addison Crump
addisoncrump.info/research/wha...

A sandwich is $3000 but if you want meat that's another $1500 and oh if you want lettuce that's another $1500. Mustard? You're not gonna believe this

I don't have a pic but when I was a kid I made a wooper out of the red wax from a big basket of babybel cheeses

Update I did not use beamer so it only took 3 hours!!!

Ooh I don't know if I can get behind this I had a little party when they added File::lock/lock_shared to std

Making my conference slides and formatting code in google slides sucks and the devil on my shoulder is telling me to use beamer but I will NOT

Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor Microsoft restricts IE Mode in Edge after threat actors exploited Chakra engine flaws for remote access.

I'm shocked.. thehackernews.com/2025/10/micr...

The emphasis on "clone means perf loss" made me try and avoid it at all costs but that meant I didn't actually evaluate whether that's true until kind of recently because for refs it's not!

Yeah, you could say I'm a vibe coder (using claude to suggest synonyms of my traits with different first letters so they can all be abbreviated prettily as generic parameters)

Sad I didn't come up for this one I'm becoming a Mariners fan by default (lack of a pdx team besides the pickles who run out of fried pickles at their games constantly)

SpongeBob with rock about to fall on him. Caption says "not in library code".

I have a hot take that Result is extremely overused in places where stuff should probably just panic and often ends up obscuring the problem by bubbling up errors too high. Panicking is okay!

TIL about # [expect], I've been bitten a couple times by changing # [allow(unused)] that actually was!

None of the tables of specs and such in at least the translated version are populated sadly

I know sushi masters spend 5 years learning to make rice and egg and I'll never be that but let's be real the fish itself is not that different

Never going to be the same now that I can just buy sashimi grade fish as uwajimaya and get 75% of the restaurant sushi experience for 15% of the price